CVE-2025-5816 (GCVE-0-2025-5816)
Vulnerability from cvelistv5 – Published: 2025-07-18 04:23 – Updated: 2025-07-18 13:53
VLAI?
Title
Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship <= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details
Summary
The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the get_order_detail() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user's orders.
Severity ?
4.3 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| biteship | Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo – Biteship |
Affected:
* , ≤ 3.2.0
(semver)
|
Credits
ch4r0n
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-18T13:53:35.761080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T13:53:42.530Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 Biteship",
"vendor": "biteship",
"versions": [
{
"lessThanOrEqual": "3.2.0",
"status": "affected",
"version": "*",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "ch4r0n"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the get_order_detail() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user\u0027s orders."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T04:23:01.362Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/48509d43-57bb-452c-b39b-905354a273f3?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/biteship/trunk/public/class-biteship-public.php#L327"
},
{
"url": "https://plugins.trac.wordpress.org/browser/biteship/trunk/includes/class-biteship.php#L515"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-07-17T16:22:18.000+00:00",
"value": "Disclosed"
}
],
"title": "Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 Biteship \u003c= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-5816",
"datePublished": "2025-07-18T04:23:01.362Z",
"dateReserved": "2025-06-06T16:32:21.917Z",
"dateUpdated": "2025-07-18T13:53:42.530Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-5816\",\"sourceIdentifier\":\"security@wordfence.com\",\"published\":\"2025-07-18T05:15:31.547\",\"lastModified\":\"2025-07-22T13:06:27.983\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the get_order_detail() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user\u0027s orders.\"},{\"lang\":\"es\",\"value\":\"El complemento Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 Biteship para WordPress es vulnerable a una Referencia Directa a Objetos Insegura en todas las versiones hasta la 3.2.0 incluida a trav\u00e9s de get_order_detail() debido a la falta de validaci\u00f3n en una clave controlada por el usuario. Esto permite que atacantes autenticados, con acceso de suscriptor o superior, vean los pedidos de otros usuarios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":4.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"security@wordfence.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]}],\"references\":[{\"url\":\"https://plugins.trac.wordpress.org/browser/biteship/trunk/includes/class-biteship.php#L515\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://plugins.trac.wordpress.org/browser/biteship/trunk/public/class-biteship-public.php#L327\",\"source\":\"security@wordfence.com\"},{\"url\":\"https://www.wordfence.com/threat-intel/vulnerabilities/id/48509d43-57bb-452c-b39b-905354a273f3?source=cve\",\"source\":\"security@wordfence.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-5816\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-18T13:53:35.761080Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-18T13:53:39.563Z\"}}], \"cna\": {\"title\": \"Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \\u2013 Biteship \u003c= 3.2.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) View Order Tracking Details\", \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"ch4r0n\"}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 4.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\"}}], \"affected\": [{\"vendor\": \"biteship\", \"product\": \"Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \\u2013 Biteship\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.0\"}], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-07-17T16:22:18.000+00:00\", \"value\": \"Disclosed\"}], \"references\": [{\"url\": \"https://www.wordfence.com/threat-intel/vulnerabilities/id/48509d43-57bb-452c-b39b-905354a273f3?source=cve\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/biteship/trunk/public/class-biteship-public.php#L327\"}, {\"url\": \"https://plugins.trac.wordpress.org/browser/biteship/trunk/includes/class-biteship.php#L515\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \\u2013 Biteship plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.2.0 via the get_order_detail() due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view other user\u0027s orders.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"shortName\": \"Wordfence\", \"dateUpdated\": \"2025-07-18T04:23:01.362Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-5816\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-18T13:53:42.530Z\", \"dateReserved\": \"2025-06-06T16:32:21.917Z\", \"assignerOrgId\": \"b15e7b5b-3da4-40ae-a43c-f7aa60e62599\", \"datePublished\": \"2025-07-18T04:23:01.362Z\", \"assignerShortName\": \"Wordfence\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…